- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
XR1000 DoS attack issues
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
XR1000 DoS attack issues
Im having a lot of consitent messages pop up recently in the system information, my ping now spikes ridiclously (was 40-50 now 70-100) to 300+. any help would be appreciated.
logs
[Time synchronized with NTP server] Sunday, Jun 06,2021 17:06:17
[DoS attack: Fraggle Attack] from source UNKNOWN,port 443 Sunday, Jun 06,2021 17:05:58
[Time synchronized with NTP server] Sunday, Jun 06,2021 17:05:17
[DoS attack: ACK Scan] from source 104.16.248.249,port 443 Sunday, Jun 06,2021 17:05:06
[DoS attack: ACK Scan] from source 35.186.224.25,port 443 Sunday, Jun 06,2021 17:04:44
[DoS attack: ACK Scan] from source 34.120.5.221,port 443 Sunday, Jun 06,2021 17:04:27
[DoS attack: ACK Scan] from source 34.120.237.76,port 443 Sunday, Jun 06,2021 17:04:27
[DoS attack: ACK Scan] from source 34.120.5.221,port 443 Sunday, Jun 06,2021 17:04:26
[Time synchronized with NTP server] Sunday, Jun 06,2021 17:04:17
[DoS attack: ACK Scan] from source 35.244.181.201,port 443 Sunday, Jun 06,2021 17:04:03
[DoS attack: Fraggle Attack] from source UNKNOWN,port 443 Sunday, Jun 06,2021 17:03:53
[DoS attack: ACK Scan] from source 44.242.93.71,port 443 Sunday, Jun 06,2021 17:03:30
[Time synchronized with NTP server] Sunday, Jun 06,2021 17:03:17
[DoS attack: ACK Scan] from source 52.84.160.211,port 80 Sunday, Jun 06,2021 17:02:26
[Time synchronized with NTP server] Sunday, Jun 06,2021 17:02:17
[DoS attack: ACK Scan] from source 52.84.169.53,port 443 Sunday, Jun 06,2021 17:02:01
[DoS attack: Fraggle Attack] from source UNKNOWN,port 443 Sunday, Jun 06,2021 17:01:48
[Time synchronized with NTP server] Sunday, Jun 06,2021 17:01:16
[DoS attack: ACK Scan] from source 35.186.224.47,port 443 Sunday, Jun 06,2021 17:00:53
[DoS attack: ACK Scan] from source 35.186.224.44,port 443 Sunday, Jun 06,2021 17:00:34
[Time synchronized with NTP server] Sunday, Jun 06,2021 17:00:16
[DoS attack: ACK Scan] from source 52.230.222.68,port 443 Sunday, Jun 06,2021 17:00:14
[DoS attack: ACK Scan] from source 35.190.245.73,port 4070 Sunday, Jun 06,2021 17:00:06
[DoS attack: Fraggle Attack] from source UNKNOWN,port 39421 Sunday, Jun 06,2021 16:59:43
[Time synchronized with NTP server] Sunday, Jun 06,2021 16:59:38
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: XR1000 DoS attack issues
Netgear's firmware is great at creating false reports of DoS attacks. Many of them are no such thing.
Search - NETGEAR Communities – DoS attacks
Use Whois.net to see who is behind some of them and you may find that they are from places like Facebook, Google, even your ISP.
Here is a useful tool for that task:
IPNetInfo: Retrieve IP Address Information from WHOIS servers
Most of your "attacks" are from Google and Amazon, with Microsoft thrown in for good measure.
If these events are slowing down your router, that may be because it is using up processor time as it writes the events to your logs. Anything that uses processor power – event logging, QoS management, traffic metering – may cause slowdowns. Disable logging of DoS attacks and see if that reduces the problem. This does not prevent the router from protecting you from the outside world.
You have posted your message in the section of this community given over to Nighthawk WiFi Routers. (This is easily done, given Netgear's complicated community structure.)
Many questions apply to different types of device, so you might get responses here, but you might get more help, and find earlier questions and answers specific to your hardware, in the appropriate section for your device. That's probably here:
Nighthawk Pro Gaming Routers - NETGEAR Communities
I will ask the Netgear moderator to move your message.
In the meantime you could visit the support pages:
Support | NETGEAR
Feed in your model number and check the documentation for your hardware.
You may have done this already. I can't tell from your message.
I mention it because Netgear gave up on supplying paper manuals years ago and people sometimes miss the downloads.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: XR1000 DoS attack issues
Great response and explanation above! There messages are nothing to worry about.
In regards to you ping spikes, do you have both Geo-filter and QoS setup? These are the two biggest features for reducing this sort of behaviour in-game.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: XR1000 DoS attack issues
I will have to try and take of the scripts when I get home from work. Appreciate the thoughtfulness of your message
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: XR1000 DoS attack issues
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: XR1000 DoS attack issues
OK, I was just thinking perhaps this might have been something we can adjust to reduce these ping spikes but let us know how you get on and we'd be happy to assist further.
• What is the difference between WiFi 6 and WiFi 7?
• Yes! WiFi 7 is backwards compatible with other Wifi devices? Learn more